rector/jack

Jack helps you incrementally update your `composer.json` dependencies, ensuring your project stays current without the chaos of outdated packages

Maintainers

Details

github.com/rectorphp/jack

Source

Issues

Fund package maintenance!
tomasvotruba
www.paypal.me/rectorphp

Installs: 2 765

Dependents: 4

Suggesters: 0

Security: 0

Stars: 25

Watchers: 3

Forks: 0

Open Issues: 0

0.1.7 2025-05-13 13:47 UTC

Requires

  • php: >=7.2

MIT b1696e73db88a461249a5fedc116d5da855b6c9c

This package is auto-updated.

Last update: 2025-05-13 13:47:59 UTC

README

Experimental: Jack is an experimental project under active development. It is not yet stable, may contain bugs or undergo breaking changes. It's build it in the open with the community feedback.

Downloads total


In real world, "jack" is a tool that helps to raise your heavy car one inch at a time. So you can fix any issues down there and drive safely on journeys to come.


Jack


In Composer world, Jack helps you to raise dependencies one version at a time, safely and steadily.

Say goodbye to unnoticed, years-old dependencies!


Why Jack?

Manually upgrading dependencies can be daunting, especially when tackling multiple outdated packages at once. Large upgrades often lead to errors, compatibility issues, and costly delays.

Jack automates and simplifies this process by:

  • Monitoring outdated dependencies via CI.
  • Gradually opening up package versions for safe updates.
  • Prioritizing low-risk updates (e.g., dev dependencies).

Install

Rector Jack is downgraded and scoped. It requires PHP 7.2+ and can be installed on any legacy project.

composer require rector/jack --dev

Usage

Jack offers two powerful commands to keep your dependencies up to date:


1. Too many outdated dependencies? Let your CI tell you

Postponing upgrades often results in large, risky jumps (e.g., updating once a 3 years). Jack integrates with your CI pipeline to catch outdated dependencies early.

Run the breakpoint command to check for outdated major packages:

vendor/bin/jack breakpoint

Jack


If there are more than 5 major outdated packages, the CI will fail.


Use --limit to raise or lower your bar:

vendor/bin/jack breakpoint --limit 3

This ensures upgrades stay on your radar without overwhelming you. No more "oops, our 30 dependencies are 5 years old" moments!


It's safer to start upgrading dev packages first. You can spot them like this:

vendor/bin/jack breakpoint --dev

2. Open up Next Versions

We know we're behind the latest versions of our dependencies, but where to start? Which versions should be force to update first? We can get lot of conflicts if we try to bump wrong end of knot.

Instead, let Composer handle it. How? We open-up package versions to the next version:

vendor/bin/jack open-versions

This command opens up 5 versions to their next nearest step, e.g.:

 {
     "require": {
         "php": "^7.4",
-            "symfony/console": "5.1.*"
+            "symfony/console": "5.1.*|5.2.*"
         },
         "require-dev": {
-            "phpunit/phpunit": "^9.0"
+            "phpunit/phpunit": "^9.0|^10.0"
         }
     }
 }

Then we run Composer to do the work:

composer update

If no blockers exist, Composer will update packages to their next version.


To change the number of packages, use --limit option:

vendor/bin/jack open-versions --limit 3

To upgrade only specific group of packages, use ``--package-prefix` option:

vendor/bin/jack open-versions --package-prefix symfony

To preview changes without modifying composer.json, use:

vendor/bin/jack open-versions --dry-run

Do you want to play it safe? Try low-risk dev packages first:

vendor/bin/jack open-versions --dev

Happy coding!